﻿using System;
using System.Web.Security;
using DAL.Repositories;
using GameAdmin.Classes;

namespace GameAdmin
{
    public partial class login : System.Web.UI.Page
    {
        protected void Page_Init(object sender, EventArgs e)
        {
            if (Request["ReturnUrl"] != null) Response.Redirect("~/login.aspx", true);
            if (User.Identity.IsAuthenticated) Response.Redirect("~/", true);

            btnLogin.Click += new EventHandler(btnLogin_Click);
        }

        void btnLogin_Click(object sender, EventArgs e)
        {
            if (txtMeno.Text != String.Empty && txtHeslo.Text != String.Empty)
            {
                string correctHash = UserRepository.GetUserPassword(txtMeno.Text);

                if (!String.IsNullOrEmpty(correctHash))
                {
                    bool authenticated = Security.ValidatePassword(txtHeslo.Text, correctHash);
                    if (authenticated)
                    {
                        FormsAuthentication.RedirectFromLoginPage(txtMeno.Text, false);
                    }
                    else
                    {
                        lblMessage.Visible = true;
                        lblMessage.Text = "Nesprávné jméno/heslo.";
                    }
                }
                else
                {
                    lblMessage.Visible = true;
                    lblMessage.Text = "Nesprávné jméno/heslo.";
                }
            }
        }
    }
}